8 matches found
JLSEC-2026-614 WebSocket default Origin check ignores scheme and port in HTTP.jl
Description The default WebSocket Origin validator originalloweddefault only enforced the host component of the same-origin tuple. It never checked the Origin's scheme, and when the request Host header carried no explicit port the norm for default-port 80/443 servers, where browsers omit the port...
EUVD-2021-12361
Malware in sbrugna...
CVE-2021-25465
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack...
CVE-2021-25466
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token...
CVE-2021-25466
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token...
CVE-2021-25465
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack...
Design/Logic Flaw
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token...
CVE-2021-25466
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token...